Download PDFOpen PDF in browser

Automated Proof of Authentication Protocols in a Logic of Events

18 pagesPublished: May 15, 2012

Abstract

Using the language of event orderings and event classes, and using a type of atoms to represent nonces, keys, signatures, and ciphertexts, we give an axiomatization of a theory in which authentication protocols can be formally defined and strong authentication properties proven. This theory is inspired by PCL, the protocol composition logic defined by Datta, Derek, Mitchell, and Roy.

We developed a general purpose <i>tactic</i> (in the NuPrl theorem prover), and applied it to automatically prove that several protocols satisfy a strong authentication property. Several unexpected subtleties exposed in this development are addressed with new concepts <i>legal protocols</i>, and a <i>fresh signature criterion</i> - and reasoning that makes use of a well-founded causal ordering on events.

This work shows that proofs in a logic like PCL can be automated, provides a new and possibly simpler axiomatization for a theory of authentication, and addresses some issues raised in a critique of PCL.

Keyphrases: Authentication protocols, event logic, formal proof, Security

In: Markus Aderhold, Serge Autexier and Heiko Mantel (editors). VERIFY-2010. 6th International Verification Workshop, vol 3, pages 13--30

Links:
BibTeX entry
@inproceedings{VERIFY-2010:Automated_Proof_of_Authentication,
  author    = {Mark Bickford},
  title     = {Automated Proof of Authentication Protocols in a Logic of Events},
  booktitle = {VERIFY-2010. 6th International Verification Workshop},
  editor    = {Markus Aderhold and Serge Autexier and Heiko Mantel},
  series    = {EPiC Series in Computing},
  volume    = {3},
  pages     = {13--30},
  year      = {2012},
  publisher = {EasyChair},
  bibsource = {EasyChair, https://easychair.org},
  issn      = {2398-7340},
  url       = {https://easychair.org/publications/paper/sCGD},
  doi       = {10.29007/r7n1}}
Download PDFOpen PDF in browser